| Date: | 28 Dec 2004 20:41:35 -0000 |
From: | "Peter Laborge" <plaborge@securityfocus.com>
| To: | linux-secnews@securityfocus.com |
Subject: | SecurityFocus Linux Newsletter #216 |
SecurityFocus Linux Newsletter #216
------------------------------------
Need to know what's happening on YOUR network? Symantec DeepSight
Analyzer
is a free service that gives you the ability to track and manage
attacks.
Analyzer automatically correlates attacks from various Firewall and
network
based Intrusion Detection Systems, giving you a comprehensive view of
your
computer or general network. Sign up today!
http://www.securityfocus.com/sponsor/Symantec_sf-news_041130
------------------------------------------------------------------------
I. FRONT AND CENTER
1. Spam Punishment Doesn't Fit the Crime
2. Why Open Source Solaris?
II. LINUX VULNERABILITY SUMMARY
1. HTGET URI Buffer Overflow Vulnerability
2. PHP Shared Memory Module Offset Memory Corruption Vulnerabil...
3. KDE Konqueror Multiple Remote Java Sandbox Bypass Vulnerabil...
4. CHPOX Unspecified Vulnerability
5. GNU Troff (Groff) Insecure Temporary File Creation Vulnerabi...
6. MIT Kerberos 5 Administration Library Add_To_History Heap-Ba...
7. LibVNCServer Multiple Unspecified Vulnerabilities
8. Rosiello Security RFTPD Multiple Remote And Local Vulnerabil...
9. Perl RMTree Local Race Condition Vulnerability
10. Rosiello Security RPF Multiple Remote And Local
Vulnerabilit...
11. libTIFF Heap Corruption Integer Overflow Vulnerabilities
12. MPlayer And Xine PNM_Get_Chunk Multiple Remote Client-Side
B...
13. Debian Debmake Local Insecure Temporary File Creation
Vulner...
14. Linux Kernel 32 Bit Compatibility System Call Handler AMD64
...
15. Skype Technologies Skype Internet Telephony Insecure
Default...
16. Snort DecodeTCPOptions Remote Denial Of Service
Vulnerabilit...
17. SSLTelnetd Unspecified Format String Vulnerability
18. NetWin SurgeMail Webmail Unspecified Vulnerability
19. Linux Security Modules Process Capabilities Design Error
20. Nullsoft SHOUTcast File Request Format String Vulnerability
21. Linux Kernel ELF Binary Loading Denial Of Service
Vulnerabil...
III. LINUX FOCUS LIST SUMMARY
1. Honeynet KYE paper (Thread)
IV. NEW PRODUCTS FOR LINUX PLATFORMS
1. CoreGuard Core Security System
2. EnCase Forensic Edition
3. KeyGhost SX
4. SafeKit
5. Astaro Linux Firewall
6. CAT Cellular Authentication Token and eAuthentication Servic...
V. NEW TOOLS FOR LINUX PLATFORMS
1. pasmal 1.5
2. PatchLink Update 6.01.78
3. AutoScan b0.92 R6
4. ksb26-2.6.9 Kernel Socks Bouncer for 2.6.x kernels 2.6.9
5. rootsh 0.2
6. Maillog View v1.03.3
VII. SPONSOR INFORMATION
I. FRONT AND CENTER
-------------------
1. Spam Punishment Doesn't Fit the Crime
By Mark Rasch
When spammers are treated more harshly than those who commit war crimes
in
Rwanda, and are fined more than companies that destroy the environment,
it's time to revisit our strategy.
http://www.securityfocus.com/columnists/287
2. Why Open Source Solaris?
By Daniel Hanson
Sun is getting into the open-source business with Solaris, but will
this
automatically translate into better sales?
http://www.securityfocus.com/columnists/286
II. LINUX VULNERABILITY SUMMARY
-------------------------------
1. HTGET URI Buffer Overflow Vulnerability
BugTraq ID: 12039
Remote: Yes
Date Published: Dec 20 2004
Relevant URL: http://www.securityfocus.com/bid/12039
Summary:
HTGET is prone to a buffer overflow vulnerability. This vulnerability
is exposed when the software handles a malformed URI.
Successful exploitation may result in execution of arbitrary code in
the context of the client user.
2. PHP Shared Memory Module Offset Memory Corruption Vulnerabil...
BugTraq ID: 12045
Remote: No
Date Published: Dec 20 2004
Relevant URL: http://www.securityfocus.com/bid/12045
Summary:
PHP shared memory module (shmop) is reported prone to an integer
handling vulnerability. The issue exists in the PHP_FUNCTION(shmop_write)
function and is as a result of a lack of sufficient sanitization performed
on 'offset' data.
This vulnerability may be exploited to make an almost arbitrary write
into process memory. It is reported that the vulnerability may be
leveraged to disable PHP 'safe mode', this may result in further compromise
in a shared-server environment.
3. KDE Konqueror Multiple Remote Java Sandbox Bypass Vulnerabil...
BugTraq ID: 12046
Remote: Yes
Date Published: Dec 20 2004
Relevant URL: http://www.securityfocus.com/bid/12046
Summary:
KDE Konqueror is a freely available, open source web browser
distributed and maintained by the KDE project. It is available for the UNIX and
Linux operating systems.
Multiple remote Java sandbox bypass vulnerabilities affect KDE
Konqueror. These issues are due to a failure of the application to properly
secure the Java web plug-in.
The first issue is a failure of the application to restrict access to
sensitive Java classes from the Java browser plug-in. The second issue
is a failure of the application to restrict access to sensitive Java
classes from JavaScript scripts.
These issues may be leveraged to carry out a variety of unspecified
attacks including sensitive information disclosure and denial of service
attacks. Any successful exploitation would take place with the
privileges of the user running the affected browser application.
4. CHPOX Unspecified Vulnerability
BugTraq ID: 12055
Remote: Unknown
Date Published: Dec 20 2004
Relevant URL: http://www.securityfocus.com/bid/12055
Summary:
chpox is affected by an unspecified vulnerability; it is not known if
this issue is local or remote. The underlying cause of this issue is
currently unknown.
The potential impact of this issue is also unknown. Users are advised
to upgrade to the latest version of the affected software.
More information is not currently available. This BID will be updated
as more details are released.
5. GNU Troff (Groff) Insecure Temporary File Creation Vulnerabi...
BugTraq ID: 12058
Remote: No
Date Published: Dec 20 2004
Relevant URL: http://www.securityfocus.com/bid/12058
Summary:
GNU Troff (groff) is affected by multiple insecure temporary file
creation vulnerabilities. These issues are due to a design error that
causes the application to fail to verify the existence of a file before
writing to it.
An attacker may leverage these issues to overwrite arbitrary files with
the privileges of an unsuspecting user that activates the vulnerable
application.
GNU Troff (groff) 1.18 is reported vulnerable to these issues. Other
versions are likely to be vulnerable as well. This BID will be updated
when more information becomes available.
6. MIT Kerberos 5 Administration Library Add_To_History Heap-Ba...
BugTraq ID: 12059
Remote: No
Date Published: Dec 20 2004
Relevant URL: http://www.securityfocus.com/bid/12059
Summary:
It is reported that the MIT Kerberos 5 administration library is
affected by a heap-based buffer overflow vulnerability. The vulnerability
presents itself in the 'add_to_history()' function of the
'svr_principal.c' source file. The vulnerability exists due to an indexing error that
occurs under certain circumstances.
An authenticated attacker may potentially exploit this vulnerability on
a Key Distribution Center (KDC) to execute arbitrary code in the
context of the vulnerable service, ultimately resulting in the compromise of
an entire Kerberos realm.
7. LibVNCServer Multiple Unspecified Vulnerabilities
BugTraq ID: 12068
Remote: Yes
Date Published: Dec 21 2004
Relevant URL: http://www.securityfocus.com/bid/12068
Summary:
Multiple, unspecified vulnerabilities reportedly affect LibVNCServer.
The underlying cause of these issues is currently unknown.
The potential impacts of these issues are unknown. Due to the nature
of the affected software it is possible that these issues may be
leveraged to conduct denial of service and even system compromise, although
this is not confirmed.
8. Rosiello Security RFTPD Multiple Remote And Local Vulnerabil...
BugTraq ID: 12071
Remote: Yes
Date Published: Dec 21 2004
Relevant URL: http://www.securityfocus.com/bid/12071
Summary:
Multiple remote vulnerabilities reportedly affect Rosiello Security's
rftpd. These issues are due to buffer mismanagement and failures to
handle certain network data.
The first issue is a failure of the application to properly implement
an authentication scheme. Multiple information leaks reportedly affects
the application due to a failure to properly NULL terminate strings
created with the 'strncpy()' function. Multiple remote buffer overflows
are reported to affect various commands of the affected server
application. A local buffer overflow exists in the processing of the Message Of
The Day (MOTD) file. Finally, the affected application is affected by an
access validation vulnerability.
These issues may be exploited to gain unauthorized access to the FTP
server, reveal potentially sensitive memory, trigger a denial of service
condition, bypass file and directory permissions, and execute arbitrary
code with the privilege of the affected server process.
9. Perl RMTree Local Race Condition Vulnerability
BugTraq ID: 12072
Remote: No
Date Published: Dec 21 2004
Relevant URL: http://www.securityfocus.com/bid/12072
Summary:
Perl is reported prone to a local race condition. The vulnerability is
present in the 'rmtree()' function provided by the 'File::Path' module.
A local attacker may exploit this condition to disclose potentially
sensitive data, or to launch other attacks against an application that
employs the vulnerable function.
10. Rosiello Security RPF Multiple Remote And Local Vulnerabilit...
BugTraq ID: 12073
Remote: Yes
Date Published: Dec 21 2004
Relevant URL: http://www.securityfocus.com/bid/12073
Summary:
A remote buffer overflow and a local symbolic link vulnerability
reportedly affect Rosiello Security rpf. These issues are due to a failure
of the application to properly validate user-supplied string lengths and
a design error facilitating local symbolic link attacks.
The buffer overflow will allow a remote attacker execute arbitrary code
with the privileges of a user running the vulnerable application,
facilitating unauthorized access and privilege escalation. An attacker may
leverage the symbolic link issue to corrupt arbitrary files with the
privileges of the user that activated the affected application.
11. libTIFF Heap Corruption Integer Overflow Vulnerabilities
BugTraq ID: 12075
Remote: Yes
Date Published: Dec 21 2004
Relevant URL: http://www.securityfocus.com/bid/12075
Summary:
It has been reported that libtiff is affected by two heap corruption
vulnerabilities due to integer overflow errors that can be triggered when
malicious or malformed image files are processed. Theoretically, an
attacker can exploit the vulnerabilities to execute arbitrary code in the
context of an application linked to the library, when TIFF image data
is processed (i.e. displayed). Because image data is frequently
external in origin, these vulnerabilities are considered remotely exploitable.
12. MPlayer And Xine PNM_Get_Chunk Multiple Remote Client-Side B...
BugTraq ID: 12076
Remote: Yes
Date Published: Dec 21 2004
Relevant URL: http://www.securityfocus.com/bid/12076
Summary:
Multiple buffer overflow vulnerabilities are reported to exist in the
xine and MPlayer utilities. The following issues are reported:
Several buffer overflow vulnerabilities are reported to exist in the
'pnm_get_chunk()' function.
Reports indicate that the vulnerabilities present themselves in the
RMF_TAG, DATA_TAG, PROP_TAG, MDPR_TAG and CONT_TAG handling code of
'pnm_get_chunk()'.
A remote attacker may potentially leverage this memory corruption to
execute arbitrary code in the context of a user that uses the vulnerable
utility to connect to a malicious PNM server.
An additional buffer overflow vulnerability is reported to exist in the
PNA_TAG handling code of the 'pnm_get_chunk()' function.
It is reported that supplied PNA_TAG data is copied into a finite
buffer without sufficient boundary checks. This results in memory
corruption. A remote attacker may potentially leverage this memory corruption to
execute arbitrary code in the context of a user that uses the
vulnerable utility to connect to a malicious PNM server.
13. Debian Debmake Local Insecure Temporary File Creation Vulner...
BugTraq ID: 12078
Remote: No
Date Published: Dec 22 2004
Relevant URL: http://www.securityfocus.com/bid/12078
Summary:
A local insecure file creation vulnerability affects Debian's debmake.
This issue is due to a design error that causes the affected
application to create temporary files insecurely.
An attacker may leverage this issue to corrupt arbitrary files with the
privileges of the user that activates the affected application.
14. Linux Kernel 32 Bit Compatibility System Call Handler AMD64 ...
BugTraq ID: 12079
Remote: No
Date Published: Dec 22 2004
Relevant URL: http://www.securityfocus.com/bid/12079
Summary:
Linux Kernel is reported prone to a local privilege escalation
vulnerability. This issue may allow an attacker to gain elevated privileges
leading to a complete compromise of a vulnerable computer.
It is reported that this issue arises as the 32 bit compatibility
system call handler fails to verify an unspecified argument properly. This
vulnerability only presents itself on the AMD64 platform.
This issue reportedly affects 2.4.x versions of the kernel.
Further details about this issue are currently unavailable. This BID
will be updated if more information is released.
15. Skype Technologies Skype Internet Telephony Insecure Default...
BugTraq ID: 12081
Remote: No
Date Published: Dec 22 2004
Relevant URL: http://www.securityfocus.com/bid/12081
Summary:
An insecure default installation vulnerability reportedly affects Skype
Technologies Skype. This issue is due to a failure of the application
to properly secure files and directories that are installed.
This issue is only reported to affect Skype for the Linux platform.
An attacker may leverage this issue to create, delete, and write to
arbitrary files and create files in the insecure directory.
16. Snort DecodeTCPOptions Remote Denial Of Service Vulnerabilit...
BugTraq ID: 12084
Remote: Yes
Date Published: Dec 22 2004
Relevant URL: http://www.securityfocus.com/bid/12084
Summary:
Snort is reported prone to a remote denial of service vulnerability.
The vulnerability is reported to exist in the DecodeTCPOptions() function
of 'decode.c', and is as a result of a failure to sufficiently handle
malicious TCP packets.
A remote attacker may trigger this vulnerability to crash a remote
Snort server and in doing so may prevent subsequent malicious attacks from
being detected.
17. SSLTelnetd Unspecified Format String Vulnerability
BugTraq ID: 12085
Remote: Yes
Date Published: Dec 23 2004
Relevant URL: http://www.securityfocus.com/bid/12085
Summary:
Reportedly SSLTelnetd is affected by an unspecified format string
vulnerability. This issue is due to an improper implementation of a
formatted string function.
Specific technical details about this issue were not disclosed. It is
conjectured that due to the nature of the affected application, this
issue is remotely exploitable.
This vulnerability is reported to affect Linux Netkit netkit-telnet-ssl
0.17.17, however, it is likely that other versions are affected as
well.
This BID will be updated when more information becomes available.
18. NetWin SurgeMail Webmail Unspecified Vulnerability
BugTraq ID: 12086
Remote: Yes
Date Published: Dec 23 2004
Relevant URL: http://www.securityfocus.com/bid/12086
Summary:
SurgeMail is reported prone to an unspecified vulnerability. This
issue affects the Webmail functionality of the SurgeMail server. Further
details were not released in the report by the vendor. It is
conjectured that due to the nature of this application, this vulnerability may
result from an input validation error. Although unconfirmed, this issue
is considered to be remotely exploitable.
SurgeMail releases prior to 2.2c9 are affected by this vulnerability.
Due to a lack of details, further information is not available at the
moment. This BID will be updated when more information becomes
available.
19. Linux Security Modules Process Capabilities Design Error
BugTraq ID: 12093
Remote: No
Date Published: Dec 23 2004
Relevant URL: http://www.securityfocus.com/bid/12093
Summary:
It has been reported that Linux Security Modules suffers from a design
error that could result in host compromise. According to the report,
when LSM is loaded as a kernel module, existing processes on the system
will be granted unauthorized capabilities. This includes non-root
processes. A malicious user on the system at this time will have
effectively gained administrative access.
Reported affected are versions of LSM for Linux kernels 2.5.x and
2.6.x. LSM on Linux 2.4.x is reportedly not vulnerable.
20. Nullsoft SHOUTcast File Request Format String Vulnerability
BugTraq ID: 12096
Remote: Yes
Date Published: Dec 23 2004
Relevant URL: http://www.securityfocus.com/bid/12096
Summary:
Nullsoft SHOUTcast is prone to a remotely exploitable format string
vulnerability. The vulnerability is exposed when the server attempts to
handle a client request for a file.
Successful exploitation may allow execution of arbitrary code in the
context of the server process. This could also be exploited to crash the
server and, possibly, to read process memory (which could increase
reliability of an exploit).
This issue was reported to exist in version 1.9.4 on Linux. It is
likely that versions for other platforms are also affected by the
vulnerability, though it is not known to what degree they are exploitable.
Earlier versions of the software are also likely affected.
21. Linux Kernel ELF Binary Loading Denial Of Service Vulnerabil...
BugTraq ID: 12101
Remote: Yes
Date Published: Dec 24 2004
Relevant URL: http://www.securityfocus.com/bid/12101
Summary:
The Linux kernel is affected by an ELF binary loading vulnerability.
This issue is due to a failure of the affected kernel to properly handle
malformed ELF binaries.
An attacker may leverage this issue to cause the affected kernel to
crash, denying service to legitimate users.
III. LINUX FOCUS LIST SUMMARY
-----------------------------
1. Honeynet KYE paper (Thread)
Relevant URL:
http://www.securityfocus.com/archive/91/385316
IV. NEW PRODUCTS FOR LINUX PLATFORMS
------------------------------------
1. CoreGuard Core Security System
By: Vormetric
Platforms: AIX, Linux, Solaris, Windows 2000, Windows XP
Relevant URL: http://www.vormetric.com/products/#overview
Summary:
CoreGuard System profile
The CoreGuard System is the industry's first solution that enforces
acceptable use policy for sensitive digital information assets and
protects personal data privacy across an enterprise IT environment.
CoreGuard's innovative architecture and completeness of technology
provide a comprehensive, extensible solution that tightly integrates
all
the elements required to protect information across a widespread,
heterogeneous enterprise network, while enforcing separation of duties
between security and IT administration. At the same time, CoreGuard is
transparent to users, applications and storage infrastructures for ease
of deployment and system management.
CoreGuard enables customers to:
* Protect customer personal data privacy and digital information assets
* Protect data at rest from unauthorized viewing by external attackers
and unauthorized insiders
* Enforce segregation of duties between IT administrators and security
administration
* Ensure host & application integrity * Block malicious code, including
zero-day exploits
2. EnCase Forensic Edition
By: Guidance Software Inc.
Platforms: DOS, FreeBSD, Linux, MacOS, NetBSD, OpenBSD, PalmOS,
Solaris, UNIX, Windows 2000, Windows 95/98, Windows NT, Windows XP
Relevant URL:
http://www.guidancesoftware.com/products/EnCaseForensic/index.shtm
Summary:
EnCase Forensic Edition Version 4 delivers the most advanced features
for computer forensics and investigations. With an intuitive GUI and
superior performance, EnCase Version 4 provides investigators with the
tools to conduct large-scale and complex investigations with accuracy and
efficiency. Guidance Software?s award winning solution yields
completely non-invasive computer forensic investigations while allowing
examiners to easily manage large volumes of computer evidence and view all
relevant files, including "deleted" files, file slack and unallocated
space.
The integrated functionality of EnCase allows the examiner to perform
all functions of the computer forensic investigation process. EnCase's
EnScript, a powerful macro-programming language and API included within
EnCase, allows investigators to build customized and reusable forensic
scripts.
3. KeyGhost SX
By: KeyGhost Ltd
Platforms: BeOS, DOS, Linux, OS/2, Solaris, SunOS, Windows 2000,
Windows 95/98, Windows NT, Windows XP
Relevant URL: http://www.keyghost.com/SX/
Summary:
KeyGhost SX discreetly captures and records all keystrokes typed,
including chat conversations, email, word processor, or even activity within
an accounting or specialist system. It is completely undetectable by
software scanners and provides you with one of the most powerful stealth
surveillance applications offered anywhere.
Because KeyGhost uses STRONG 128-Bit encryption to store the recorded
data in it?s own internal memory (not on the hard drive), it is
impossible for a network intruder to gain access to any sensitive data stored
within the device.
4. SafeKit
By: Evidian Inc.
Platforms: AIX, HP-UX, Linux, Solaris, Windows 2000
Relevant URL: http://www.evidian.com/safekit/index.htm
Summary:
Evidian's SafeKit technology makes it possible to render any
application available 24 hours per day. With no extra hardware: just use your
existing servers and install this software-only solution.
This provides ultimate scalability. As your needs grow, all you need to
do is add more standard servers into the cluster. With the load
balancing features of SafeKit, you can distribute applications over multiple
servers. If one system fails completely, the others will continue to
serve your users.
5. Astaro Linux Firewall
By: Astaro
Platforms: Linux
Relevant URL: http://www.astaro.com/php/statics.php?action=asl&lang=gb
Summary:
Astaro Linux Firewall: All-in-one firewall, virus protection, content
filtering and spam protection internet security software package for
Linux.
Free download for home users.
6. CAT Cellular Authentication Token and eAuthentication Servic...
By: Mega AS Consulting Ltd
Platforms: Java, Linux, OpenBSD, Os Independent, SecureBSD, Solaris,
UNIX, Windows 2000, Windows NT
Relevant URL: http://www.megaas.co.nz
Summary:
Low cost, easy to use Two Factor Authentication One Time Password token
using the Cellular. Does not use SMS or communication, manages multiple
OTP accounts - new technology. For any business that want a safer
access to its Internet Services. More information at our site.
We also provide eAuthentication service for businesses that will not
buy an Authentication product but would prefer to pay a monthly charge
for authentication services from our our CAT Server.
V. NEW TOOLS FOR LINUX PLATFORMS
--------------------------------
1. pasmal 1.5
By: James Meehan
Relevant URL: http://www.elitelabs.org/
Platforms: Linux
Summary:
pasmal 1.5 is a port knocking authentification system using simple or
encrypted tcp/udp/icmp packets. pasmal can be used with
iptables/ipchains (firewall purposes) or any other program (remote shell, reboot,
etc)It is packaged with a php web admin, a command line client
pasmal.client, start/stop rc.d scripts.pasmal 1.5 also feature an intrusion/attempts
detection system due to its sniffers capabilities, running with syslogd
and custom log files.
2. PatchLink Update 6.01.78
By: PatchLink Corporation
Relevant URL:
http://www.patchlink.com/products_services/plu_evaluationrequest.html
Platforms: AIX, DG-UX, Digital UNIX/Alpha, DOS, HP-UX, Java, Linux,
MacOS, Net, NetBSD, Netware, OpenVMS, PalmOS, POSIX, SecureBSD, SINIX,
Solaris, SunOS, True64 UN, True64 UNIX, Ultrix, UNICOS, UNIX, Unixware,
Windows 2000, Windows 95/98, Windows CE, Windows NT, Windows XP
Summary:
With PATCHLINK UPDATE, patch management is the secure, proactive, and
preventative process it should be. PATCHLINK UPDATE scans networks for
security holes and closes them with the click of a mouse, no matter the
operating system, the vendor applications, the mix, or the size of the
environment. From 5K nodes to 20+K nodes, PATCHLINK UPDATE works
quickly, accurately and safely to ensure desktops and servers are patched
correctly and completely the first time around.
3. AutoScan b0.92 R6
By: Lagarde Thierry
Relevant URL: http://autoscan.free.fr/
Platforms: Linux
Summary:
AutoScan is an application designed to explore and to manage your
network. Entire subnets can be scanned simultaneously without human
intervention. It features OS detection, automatic network discovery, a port
scanner, a Samba share browser, and the ability to save the network state.
4. ksb26-2.6.9 Kernel Socks Bouncer for 2.6.x kernels 2.6.9
By: Paolo Ardoino
Relevant URL: http://ardoino.altervista.org/kernel.php
Platforms: Linux
Summary:
KSB26 [Kernel Socks Bouncer] is Linux Kernel 2.6.x patch that redirects
full tcp connections [SSH, telnet, ...] to follow through socks5. KSB26
uses a character device to pass socks5 and target ips to the Linux
Kernel. I have choosen to write in kernel space to enjoy myself [I know
that there are easier and safer ways to write this in userspace].
5. rootsh 0.2
By: Gerhard Lausser
Relevant URL: http://sourceforge.net/projects/rootsh/
Platforms: AIX, HP-UX, Linux, POSIX, SINIX, Solaris, UNIX
Summary:
Rootsh is a wrapper for shells which logs all echoed keystrokes and
terminal output to a file and/or to syslog. It's main purpose is the
auditing of users who need a shell with root privileges. They start rootsh
through the sudo mechanism. I's in heavy use here at a big bavarian car
manufacturer (three letters, fast, cool,...) for project users whom you
can't deny root privileges.
6. Maillog View v1.03.3
By: Angelo 'Archie' Amoruso
Relevant URL: http://www.netorbit.it/modules.html
Platforms: Linux
Summary:
Maillog View is a Webmin module that allows you to easily view all your
/var/log/maillog.* files. It features autorefresh, message size
indication, ascending/descending view order, compressed file support, and a
full statistics page. Sendmail, Postfix, Exim, and Qmail (partially) are
supported. Courier MTA support is experimental.
VII. SPONSOR INFORMATION
-----------------------
Need to know what's happening on YOUR network? Symantec DeepSight
Analyzer
is a free service that gives you the ability to track and manage
attacks.
Analyzer automatically correlates attacks from various Firewall and
network
based Intrusion Detection Systems, giving you a comprehensive view of
your
computer or general network. Sign up today!
http://www.securityfocus.com/sponsor/Symantec_sf-news_041130
------------------------------------------------------------------------